Recent advancements in Large Language Models (LLMs) have showcased remarkable capabilities across various tasks in different domains. However, the emergence of biases and the potential for generating harmful content in LLMs, particularly under malicious inputs, pose significant challenges. Current mitigation strategies, while effective, are not resilient under adversarial attacks. This paper introduces Resilient Guardrails for Large Language Models (RigorLLM), a novel framework designed to efficiently and effectively moderate harmful and unsafe inputs and outputs for LLMs. By employing a multi-faceted approach that includes energy-based training data augmentation through Langevin dynamics, optimizing a safe suffix for inputs via minimax optimization, and integrating a fusion-based model combining robust KNN with LLMs based on our data augmentation, RigorLLM offers a robust solution to harmful content moderation. Our experimental evaluations demonstrate that RigorLLM not only outperforms existing baselines like OpenAI API and Perspective API in detecting harmful content but also exhibits unparalleled resilience to jailbreaking attacks. The innovative use of constrained optimization and a fusion-based guardrail approach represents a significant step forward in developing more secure and reliable LLMs, setting a new standard for content moderation frameworks in the face of evolving digital threats.
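The abstract names two of the building blocks without showing how they fit together: energy-based augmentation of scarce harmful examples via Langevin dynamics, and a guardrail that fuses a KNN vote over the augmented data with a learned classifier. The block below is an added illustration written for this page, not code from the RigorLLM authors. It replaces sentence embeddings with constructed 2-D points, assumes a quadratic energy well centred on the harmful cluster (the paper's energy function is not specified here), and stands in a fixed logistic boundary for the LLM component; the safe-suffix minimax step is not shown. The names `langevin_sample`, `augment`, `knn_harmful_score`, `model_harmful_score` and `fused_verdict` are all hypothetical.

```python
import math
import random

random.seed(0)  # deterministic run for the reader

# Constructed stand-in for sentence embeddings: 2-D points. The harmful
# cluster is centred at HARMFUL_MU and the safe cluster at SAFE_MU. These
# numbers are illustrative only, not anything taken from the paper.
HARMFUL_MU = (2.0, 2.0)
SAFE_MU = (-2.0, -2.0)
SIGMA = 0.5  # width of the (assumed) energy well around the harmful centroid

SAFE_EXAMPLES = [(-2.3, -1.8), (-1.7, -2.2), (-2.1, -2.4), (-1.9, -1.6),
                 (-2.5, -2.1), (-1.5, -2.0), (-2.0, -1.5), (-2.2, -2.3)]
# Only three labelled harmful seeds: the scarcity augmentation is meant to fix.
HARMFUL_SEEDS = [(4.5, 2.0), (2.0, 4.5), (4.0, 4.0)]


def energy(x):
    """Assumed quadratic energy; its Boltzmann density exp(-E) is N(HARMFUL_MU, SIGMA^2 I)."""
    return sum((xi - mi) ** 2 for xi, mi in zip(x, HARMFUL_MU)) / (2 * SIGMA ** 2)


def grad_energy(x):
    return tuple((xi - mi) / SIGMA ** 2 for xi, mi in zip(x, HARMFUL_MU))


def langevin_sample(x0, steps=200, step=0.05):
    """Unadjusted Langevin dynamics: x <- x - (step/2) * grad E(x) + sqrt(step) * N(0, I).

    Each seed is driven toward the low-energy (harmful) region while the noise
    term keeps the samples spread over that region instead of collapsing onto it.
    """
    x = tuple(x0)
    for _ in range(steps):
        g = grad_energy(x)
        x = tuple(xi - 0.5 * step * gi + math.sqrt(step) * random.gauss(0.0, 1.0)
                  for xi, gi in zip(x, g))
    return x


def augment(seeds, per_seed=10):
    """Generate per_seed synthetic harmful points from every labelled seed."""
    return [langevin_sample(s) for s in seeds for _ in range(per_seed)]


def dist(a, b):
    return math.sqrt(sum((ai - bi) ** 2 for ai, bi in zip(a, b)))


def mean_distance_to_centroid(points, mu=HARMFUL_MU):
    return sum(dist(p, mu) for p in points) / len(points)


def build_dataset(augmented=True):
    """Labelled pool: (embedding, label) with label 1 = harmful, 0 = safe."""
    data = [(p, 0) for p in SAFE_EXAMPLES] + [(p, 1) for p in HARMFUL_SEEDS]
    if augmented:
        data += [(p, 1) for p in augment(HARMFUL_SEEDS)]
    return data


def knn_harmful_score(query, dataset, k=5):
    """Fraction of the k nearest labelled points that are harmful."""
    nearest = sorted(dataset, key=lambda item: dist(query, item[0]))[:k]
    return sum(label for _, label in nearest) / k


def model_harmful_score(query):
    """Stand-in for the LLM classifier component: a fixed logistic boundary x + y = 0."""
    z = sum(query)
    return 1.0 / (1.0 + math.exp(-z))


def fused_verdict(query, dataset, alpha=0.5, threshold=0.5):
    """Fusion guardrail: weighted average of the KNN vote and the model score."""
    score = (alpha * knn_harmful_score(query, dataset)
             + (1.0 - alpha) * model_harmful_score(query))
    return score, int(score >= threshold)


if __name__ == "__main__":
    plain, rich = build_dataset(augmented=False), build_dataset(augmented=True)
    q = (2.2, 1.8)  # a query embedding sitting inside the harmful region
    print("KNN vote, seeds only:", knn_harmful_score(q, plain))
    print("KNN vote, augmented:", knn_harmful_score(q, rich))
    print("fused verdict:", fused_verdict(q, rich))
```

With only the three seeds, a query that sits squarely in the harmful region gets a 3-of-5 KNN vote because two safe points are close enough to be pulled into the neighbourhood; after Langevin augmentation the vote saturates at 1.0, and the fused score then dominates whatever the classifier component says. That is the mechanism behind the robustness claim: an adversarial suffix has to move the query out of a dense, augmented neighbourhood, not merely across a single learned boundary.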